{"id":12437,"date":"2023-06-12T09:16:36","date_gmt":"2023-06-12T09:16:36","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbincyber2024\/?post_type=session&#038;p=12437"},"modified":"2023-08-06T00:20:42","modified_gmt":"2023-08-06T00:20:42","slug":"hardware-backdooring-escooter","status":"publish","type":"session","link":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/","title":{"rendered":"COMMSEC: Hardware Backdooring an eScooter"},"content":{"rendered":"<p style=\"text-align: justify;\">In this talk, we are going to talk about ECU vulnerabilities in e-scooters. Our target is Indian OEM, though similar or\u00a0 same vulnerabilities can be found in other e-scooters, We are going to demonstrate the attack where we took control of an e-scooter with the help of a hardware implant attack. The devices used in this research\u00a0 is cheap to make and cost-effective.<\/p>\n<p style=\"text-align: justify;\">We will show you how we reverse-engineered all functionality of the e-scooter with respect to CANBUS messages and created a hardware implant to install inside the scooter allowing remote access.<\/p>\n<p style=\"text-align: justify;\">Our talk covers:<\/p>\n<ul>\n<li style=\"text-align: justify;\">Basic information on E-scooter architecture and Safety Functionality<\/li>\n<li style=\"text-align: justify;\">Different OEMs in India and their standpoints in market<\/li>\n<li style=\"text-align: justify;\">TARA analysis of ECU with respect to E-Scooters level<\/li>\n<li style=\"text-align: justify;\">Attack demos<\/li>\n<\/ul>\n","protected":false},"template":"","class_list":["post-12437","session","type-session","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>COMMSEC: Hardware Backdooring an eScooter - HITB (in)Cyber 2024 - Abu Dhabi<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"COMMSEC: Hardware Backdooring an eScooter - HITB (in)Cyber 2024 - Abu Dhabi\" \/>\n<meta property=\"og:description\" content=\"In this talk, we are going to talk about ECU vulnerabilities in e-scooters. Our target is Indian OEM, though similar or\u00a0 same vulnerabilities can be found in other e-scooters, We are going to demonstrate the attack where we took control of an e-scooter with the help of a hardware implant attack. The devices used in [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/\" \/>\n<meta property=\"og:site_name\" content=\"HITB (in)Cyber 2024 - Abu Dhabi\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-06T00:20:42+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/\",\"url\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/\",\"name\":\"COMMSEC: Hardware Backdooring an eScooter - HITB (in)Cyber 2024 - Abu Dhabi\",\"isPartOf\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/#website\"},\"datePublished\":\"2023-06-12T09:16:36+00:00\",\"dateModified\":\"2023-08-06T00:20:42+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Session\",\"item\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"COMMSEC: Hardware Backdooring an eScooter\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/#website\",\"url\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/\",\"name\":\"HITB (in)Cyber 2024 - Abu Dhabi\",\"description\":\"May 14 - 16, Etihad Arena \",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/conference.hitb.org\/hitbincyber2024\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"COMMSEC: Hardware Backdooring an eScooter - HITB (in)Cyber 2024 - Abu Dhabi","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/","og_locale":"en_US","og_type":"article","og_title":"COMMSEC: Hardware Backdooring an eScooter - HITB (in)Cyber 2024 - Abu Dhabi","og_description":"In this talk, we are going to talk about ECU vulnerabilities in e-scooters. Our target is Indian OEM, though similar or\u00a0 same vulnerabilities can be found in other e-scooters, We are going to demonstrate the attack where we took control of an e-scooter with the help of a hardware implant attack. The devices used in [&hellip;]","og_url":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/","og_site_name":"HITB (in)Cyber 2024 - Abu Dhabi","article_modified_time":"2023-08-06T00:20:42+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/","url":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/","name":"COMMSEC: Hardware Backdooring an eScooter - HITB (in)Cyber 2024 - Abu Dhabi","isPartOf":{"@id":"https:\/\/conference.hitb.org\/hitbincyber2024\/#website"},"datePublished":"2023-06-12T09:16:36+00:00","dateModified":"2023-08-06T00:20:42+00:00","breadcrumb":{"@id":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/hardware-backdooring-escooter\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/conference.hitb.org\/hitbincyber2024\/"},{"@type":"ListItem","position":2,"name":"Session","item":"https:\/\/conference.hitb.org\/hitbincyber2024\/session\/"},{"@type":"ListItem","position":3,"name":"COMMSEC: Hardware Backdooring an eScooter"}]},{"@type":"WebSite","@id":"https:\/\/conference.hitb.org\/hitbincyber2024\/#website","url":"https:\/\/conference.hitb.org\/hitbincyber2024\/","name":"HITB (in)Cyber 2024 - Abu Dhabi","description":"May 14 - 16, Etihad Arena ","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/conference.hitb.org\/hitbincyber2024\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/conference.hitb.org\/hitbincyber2024\/wp-json\/wp\/v2\/session\/12437"}],"collection":[{"href":"https:\/\/conference.hitb.org\/hitbincyber2024\/wp-json\/wp\/v2\/session"}],"about":[{"href":"https:\/\/conference.hitb.org\/hitbincyber2024\/wp-json\/wp\/v2\/types\/session"}],"version-history":[{"count":1,"href":"https:\/\/conference.hitb.org\/hitbincyber2024\/wp-json\/wp\/v2\/session\/12437\/revisions"}],"predecessor-version":[{"id":13048,"href":"https:\/\/conference.hitb.org\/hitbincyber2024\/wp-json\/wp\/v2\/session\/12437\/revisions\/13048"}],"wp:attachment":[{"href":"https:\/\/conference.hitb.org\/hitbincyber2024\/wp-json\/wp\/v2\/media?parent=12437"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}